[TLS] Fwd: New Version Notification for draft-sheffer-tls-pinning-ticket-01.txt

Yaron Sheffer <yaronf.ietf@gmail.com> Sat, 06 February 2016 20:37 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/tHNcoDmW7hw2wdk8Xqzp4lkcie8>

The draft describes using an opaque ticket (similar to a session 
resumption ticket) to pin the identity of a TLS server. The new version 
addresses several comments on this list, in particular regarding the 
message syntax, and requesting a comparison with TACK - thanks Dave and 
Daniel.

Thanks,
     Yaron


-------- Forwarded Message --------
Subject: 	New Version Notification for draft-sheffer-tls-pinning-ticket-01.txt
Date: 	Sat, 06 Feb 2016 12:25:54 -0800
From: 	internet-drafts@ietf.org
To: 	Yaron Sheffer <yaronf.ietf@gmail.com>



A new version of I-D, draft-sheffer-tls-pinning-ticket-01.txt
has been successfully submitted by Yaron Sheffer and posted to the
IETF repository.

Name:		draft-sheffer-tls-pinning-ticket
Revision:	01
Title:		TLS Server Identity Pinning with Tickets
Document date:	2016-02-06
Group:		Individual Submission
Pages:		16
URL:            https://www.ietf.org/internet-drafts/draft-sheffer-tls-pinning-ticket-01.txt
Status:         https://datatracker.ietf.org/doc/draft-sheffer-tls-pinning-ticket/
Htmlized:       https://tools.ietf.org/html/draft-sheffer-tls-pinning-ticket-01
Diff:           https://www.ietf.org/rfcdiff?url2=draft-sheffer-tls-pinning-ticket-01

Abstract:
    Fake public-key certificates are an ongoing problem for users of TLS.
    Several solutions have been proposed, but none is currently in wide
    use.  This document proposes to extend TLS with opaque tickets,
    similar to those being used for TLS session resumption, as a way to
    pin the server's identity.  That is, to ensure the client that it is
    connecting to the right server even in the presence of corrupt
    certificate authorities and fake certificates.  The main advantage of
    this solution is that no manual management actions are required.

                                                                                   


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat